git.librecmc.org Git - oweals/karmaworld.git/commit

author	Charlie DeTar <cfd@media.mit.edu>
	Sat, 14 Feb 2015 23:27:17 +0000 (16:27 -0700)
committer	Bryan <btbonval@gmail.com>
	Fri, 27 Feb 2015 01:08:12 +0000 (20:08 -0500)
commit	e0cbe924dc84bcfe861797b884323eaf92e57465
tree	1eb712e729e2c5cafed6f6374dd61cb57be44610	tree \| snapshot
parent	540600e7f7c6fd505756f01a8c50e91e8c181e0b	commit \| diff

Updates to sanitizer; all-in with inline HTML

- Remove iframe and "static hosting" as a strategy for showing a note.
   Only show inline HTML.
- Add a "format preserving" sanitizer that does XSS filtering and prep
   for inline HTML, but doesn't remove visual markup.
- Remove javascript pertinent to PDF viewing. Handle zoom buttons using
   CSS transforms on the HTML container.
- Add notion of "editability" for Notes.  Notes will save with an
   "editable" sanitizer that strips to markdown-caliber HTML which the
   client side WYSIWYG can handle if the note is an editable type, and
   renders with a "format preserving" sanitizer that uses complex ugly
   junk as the HTML if it's not meant to be edited.
- Add and improve tests for this stuff.

karmaworld/apps/notes/forms.py		diff \| blob \| history
karmaworld/apps/notes/migrations/0020_markdown_to_html.py		diff \| blob \| history
karmaworld/apps/notes/models.py		diff \| blob \| history
karmaworld/apps/notes/sanitizer.py		diff \| blob \| history
karmaworld/apps/notes/tests.py		diff \| blob \| history
karmaworld/assets/js/note-detail.js		diff \| blob \| history
karmaworld/templates/notes/note_base.html		diff \| blob \| history
karmaworld/templates/notes/note_detail.html		diff \| blob \| history
requirements.txt		diff \| blob \| history